<?php
	session_start();
	$username = $_POST['username'];
	$password = md5($_POST['password']);
	
	include 'common/connect.php';
	$result = mysql_query("SELECT * FROM user WHERE username='".$username."' and password='".$password."'");
	$row = mysql_fetch_array($result);
	if( is_array($row) ){
		$_SESSION['user'] = 1;
		$_SESSION['userType'] = $row['type'];
		header('location:index.php');
	}else{
		$_SESSION['user'] = 0;
		$_SESSION['userType'] = 0;
		header('location:login.html');
	}
	mysql_close($con);
?>